ZoneFox comment: CynoSure Prime reverse 320 million hashed passwords
September 2017 by Dr. Jamie Graves, CEO and founder of ZoneFox
After a database of 711 million email addresses and passwords was found on a spambot server last week, a team of security researchers has managed to unhash 320 million of the records, showing that many passwords can still be uncovered despite being hashed. Comment from Dr. Jamie Graves, CEO and founder of ZoneFox:
"CynoSure Prime’s latest (and frankly gargantuan) reversal of password hashes serves as a timely reminder of the issues facing their use. Invented during a simpler time, it’s understandable why some may argue that the humble password no longer belongs in a world rife with cyber crime that has outgrown its sophistication.
However, rather than being tossed aside completely, passwords still have a pivotal role to play when combined with other layers of security within a two or multi-factor approach – a practice being well implemented by the likes of Google and Facebook. They have essentially made the password the first layer of defence, supported by more sophisticated techniques, such as an IP listing and two-factor authentication, whereby a message is sent to a user to alert them to account access from an unknown machine.
There is also the ability to use machine learning and similar techniques to protect data further – providing a real-time 360-degree overview of what activities users are carrying out – which can identify and alert IT administrators to unusual behaviour on IT networks. It is these kinds of trends that need to grow in popularity - like many elements of our increasingly digital world, password security needs to adapt, rather than disappear."